Prisma Cloud: Error "Only the System Admin role has the permissions to perform this operation"

Prisma Cloud: Error "Only the System Admin role has the permissions to perform this operation"

3202
Created On 05/10/24 07:39 AM - Last Modified 02/10/25 22:04 PM


Symptom


  • An error message appears for users without System Admin privileges when attempting to add labels to policies. The message states: “Only the System Admin role has the permissions to perform this operation.”
GUI Path: Governance > Overview 
image.png
  • Even with full policy permissions (update, create, delete, view), a user cannot edit policies unless logged in with a System Administrator account.
GUI Path: Settings > Access Control > Permission Groups 
image.png
 

Environment


  • Prisma Cloud,
  • Policy

Cause


  • The cause of the problem was a missing feature flag, which prevented users without System Administrator privileges from modifying policies.

Resolution


  • The {{ignore_role_based_rbac_for_policy}} feature flag must be enabled for the customer's tenant, allowing non-System Administrators to apply labels to policies.
  • To enable this functionality, please submit a request to engineering team.

Additional Information


View our documentation here on how to create custom permission groups. 
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA14u000000scCXCAY&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail

Choose Language